<?php

class CorsPlugin extends Yaf_Plugin_Abstract
{
    /**
     *
     *在路由之前触发
     * @param Yaf_Request_Abstract $request 当前请求对象
     * @param Yaf_Response_Abstract $response 当前响应对象
     * @return
     */
    public function routerStartup(Yaf_Request_Abstract $request, Yaf_Response_Abstract $response)
    {
        $origin = $request->getServer('HTTP_ORIGIN');
        if ($origin && preg_match('/[haohaoce\.com|haohaozhu\.me|haohaozhu\.cn]$/', $origin)) {
            header('Access-Control-Allow-Origin:' . $origin);
            header('Access-Control-Allow-Credentials:true');
            header('Access-Control-Allow-Methods:GET, POST, PATCH, PUT, DELETE, OPTIONS');
            header('Access-Control-Allow-Headers:DNT,Authorization,Accept,Origin,Keep-Alive,User-Agent,X-Mx-ReqToken,X-Data-Type,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range');
            header('Access-Control-Expose-Headers:Authorization, authenticated');
        }
    }
}
